""" Django production settings for django_project. Settings for production environment. """ import os from .base import * # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = os.environ.get('SECRET_KEY', 'django-insecure-4ju2n@$f9d0c=h)_g0lbb%k9&@rf(xa$d$g$&5ri$uf)*gev^4') # SECURITY WARNING: don't run with debug turned on in production! DEBUG = False ALLOWED_HOSTS = [ 'system.optinet.co.ke', 'www.system.optinet.co.ke', '127.0.0.1', 'localhost', ] CSRF_TRUSTED_ORIGINS = [ 'https://system.optinet.co.ke', 'https://www.system.optinet.co.ke', ] # Database - PostgreSQL for production DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql', 'NAME': os.environ.get('DB_NAME', 'life'), 'USER': os.environ.get('DB_USER', 'life_user'), 'PASSWORD': os.environ.get('DB_PASSWORD', 'Innov@t1'), 'HOST': os.environ.get('DB_HOST', '127.0.0.1'), 'PORT': os.environ.get('DB_PORT', '5432'), 'OPTIONS': { 'connect_timeout': 20, } } } # M-Pesa callback URL for production MPESA_CALLBACK_URL = os.getenv('MPESA_CALLBACK_URL', 'https://system.optinet.co.ke/payments/mpesa/callback/') MPESA_ENVIRONMENT = 'production' # Use production M-Pesa environment # Security settings for production SESSION_COOKIE_SECURE = True # Use secure cookies in production SECURE_SSL_REDIRECT = True SECURE_HSTS_SECONDS = 31536000 # 1 year SECURE_HSTS_INCLUDE_SUBDOMAINS = True SECURE_HSTS_PRELOAD = True SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_BROWSER_XSS_FILTER = True SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') # Ensure all middleware is included MIDDLEWARE.append('django.middleware.clickjacking.XFrameOptionsMiddleware') # Cache configuration for production (using Redis) CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.redis.RedisCache', 'LOCATION': 'redis://127.0.0.1:6379/1', } } # Email configuration for production EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' EMAIL_HOST = os.environ.get('EMAIL_HOST', 'smtp.gmail.com') EMAIL_PORT = int(os.environ.get('EMAIL_PORT', '587')) EMAIL_USE_TLS = True EMAIL_USE_SSL = False # Don't use both TLS and SSL EMAIL_HOST_USER = os.environ.get('EMAIL_HOST_USER', '') EMAIL_HOST_PASSWORD = os.environ.get('EMAIL_HOST_PASSWORD', '') DEFAULT_FROM_EMAIL = os.environ.get('DEFAULT_FROM_EMAIL', 'system@optinet.co.ke') EMAIL_TIMEOUT = 60 # Add timeout for email sending # Logging configuration for production LOGGING['handlers']['file']['filename'] = '/var/log/django/optinet_system.log'